LORD KILLJOY 5 apr 2013 om 11:03vm
BEWARE! User Passwords Exposed by Hacking!
I would think twice before purchasing this game solely due to the lack of internal security. Although this is not the first game/company to experience hacking (think Sony), the compromising of my user data is troublesome. If you do decide to purchase/play, I highly recommend you choose a password that is unique only to this game to limit further exposure.

http://arstechnica.com/security/2013/04/war-z-taken-offline-following-hack-that-exposed-user-passwords/

Don't support this game/company any further as it is riddled with problems and pending lawsuits. Until issues are addressed or an action plan established, steer clear.

Most likely... this post will be deleted or buried per 'strict posting guidelines' of this forum. Nonetheless, I found it necessary to share this information.
Laatst bewerkt door LORD KILLJOY; 5 apr 2013 om 9:53nm
1-13 van 13 reacties weergegeven
< >
xjxason 5 apr 2013 om 11:05vm 
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
Desyrel 5 apr 2013 om 11:06vm 
Buy the game > Account is hacked > buy the game > Accout is hacked ... ad infinutum
Nice business model!
Desyrel 5 apr 2013 om 11:07vm 
Origineel geplaatst door xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
Fairy tale told so.
xjxason 5 apr 2013 om 11:11vm 
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.
LORD KILLJOY 5 apr 2013 om 11:15vm 
Origineel geplaatst door xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.

I hope you realize that it is a common misconception/myth that encrypted data cannot be 'cracked'. Encryption does have methodology that can be reversed.

"Brute Force" cracking simply refers to trial and error. For example, If I tried every possible lock combination manually.

Decrypting encrypted data IS more time consuming and tedious, but granted potential financial data may be linked is enough incentive for some individuals. Simply because you can still log into your War-Z account doesnt mean your data has been NOT compromised. I highly doubt someone would dedicate the time and effort just to take your gear. The real prize would be your financial data.
Laatst bewerkt door LORD KILLJOY; 5 apr 2013 om 11:15vm
Desyrel 5 apr 2013 om 11:15vm 
Origineel geplaatst door xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.

That's why they hack, if you've not informed about hacking yet. Welcome to the internet.
Laatst bewerkt door Desyrel; 5 apr 2013 om 11:16vm
LORD KILLJOY 5 apr 2013 om 11:16vm 
Origineel geplaatst door xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about..

Speak for yourself. You clearly dont know much about decryption. Again, It's a common myth that encrypted data cannot be reversed. Encryption simply makes the process more tedious and time consuming.

Real hackers aren't interested in your virtual cache of virtual items/gear for a virtual, intangible game; they want your money. Simply because you can still log into your account and everything seems untouched is by no means an indication that your account data is secure and not compromised.

Ever try fighting a fraudulent charge internationally? I have not, but I know for certain the same laws that protect you in America, UK or wherever may not always shelter you overseas.
Laatst bewerkt door LORD KILLJOY; 5 apr 2013 om 11:23vm
Desyrel 5 apr 2013 om 11:27vm 
Origineel geplaatst door KillJoy:
Origineel geplaatst door xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about..

Speak for yourself. You clearly dont know much about decryption. Again, It's a common myth that encrypted data cannot be reversed. Encryption simply makes the process more tedious and time consuming.

Real hackers aren't interested in your virtual cache of virtual items/gear for a virtual, intangible game; they want your money. Simply because you can still log into your account and everything seems untouched is by no means an indication that your account data is secure and not compromised.

Ever try fighting a fraudulent charge internationally? I have not, but I know for certain the same laws that protect you in America, UK or wherever may not always shelter you overseas.

That is why there do exist a huge market for this kind of information on East Europe.
Siresly 5 apr 2013 om 12:22nm 
Origineel geplaatst door xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
Origineel geplaatst door xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.
What the....uuuuuggh.

I am far from an expert on the subject, but I at least know more about this stuff than you do. I know for instance that "encryption" doesn't necessarily mean anything, what a salt is, that people generally don't hack into stuff for no reason, account databases take time to sift through, have value to certain people, and that these people don't plan on using that information for good.

You really, really should not be giving anyone any sort of advice or information regarding online security.
Elazul 5 apr 2013 om 4:47nm 
Reading these forums is like watching the carnage from a train wreck. Lawsuits in 5... 4.. 3.. 2.. 1....
LORD KILLJOY 5 apr 2013 om 4:50nm 
Origineel geplaatst door Elazul:
Reading these forums is like watching the carnage from a train wreck. Lawsuits in 5... 4.. 3.. 2.. 1....

For what? Reposting publically available news? Besides, they have a petition for a class action law suit to deal with;

http://www.thepetitionsite.com/531/555/583/petition-for-a-class-action-lawsuit-against-hammerpoint-interactive-creators-of-the-warz/
Laatst bewerkt door LORD KILLJOY; 5 apr 2013 om 4:54nm
Hannibal's Leftovers 5 apr 2013 om 6:19nm 
Origineel geplaatst door xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.

Doesnt matter, they placed an intercept trojan in the database. They intercepted your passwords before they were encrypted. Same way keyloggers work. And yes, they can hack encrypted passwords as the gent above stated. They used an intercept trojan to log your password as it was typed. Might want to do some research yourself. ;) But sure, keep your existing password, Im sure its safe.............. :D
Laatst bewerkt door Hannibal's Leftovers; 5 apr 2013 om 6:20nm
LORD KILLJOY 5 apr 2013 om 9:51nm 
Bump
1-13 van 13 reacties weergegeven
< >
Per pagina: 15 30 50
Geplaatst op: 5 apr 2013 om 11:03vm
Aantal berichten: 13